SECURTIY

Last updated: Sept 8, 2018

We take careful measures to ensure that your coins are as safe as possible.

Security of funds and user information is our top priority. Our security team is continually improving our end-to-end security measures, improving auditing processes, and reducing the 'attack surface' of our infrastructure. Please note that we cannot disclose too many details of the security measures implemented on the platform for security and proprietary reasons.

User Account Protection

2-Step Verification on All Accounts
In addition to your username and password, you'll enter a code from your mobile phone (Google authenticator) or email, adding an extra layer of security for your account.

We hash passwords stored in the database using PBKDF2 algorithm with a SHA256 hash

System Security

Our website traffic runs entirely over encrypted SSL (https).

Wallets (and private keys) are stored using encryption.

Application credentials are kept separate from the database and code base.

We rate limit a variety of actions on the site (login attempts, etc).

We use SQL injection filters and verify the authenticity of POST, PUT, and DELETE requests to prevent CSRF attacks.

Always up-to-date Linux systems to host the platform
Our servers network is protected using always up-to-date software and the best possible practices.

Automatic backup of the database once a day
Once a day, the database of the platform is backed up, encrypted and compressed as an archive.

Protection from DDoS attacks
We are protected by automatic Distributed Denial of Service protection to ensure that trading cannot be halted by outside attacks.

DISCLAIMER

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your information, we cannot guarantee the security of your data transmitted to the Platform. Any transmission is at your own risk. Once we have received your information, we use the procedures and security features as provided under the terms of this Privacy Policy to try to prevent unauthorised access.

Where we have given you (or where you have chosen) a username and password which enables you to access our Platform, you are responsible for keeping these details confidential. We ask you not to share your password with anyone. You must log out when you leave our Platform protected by a password. We recommend closing the browser completely and re-opening it before accessing other websites over the internet

You understand and acknowledge that generally, information published on a blockchain (including, without limitation, transactional information) is susceptible to public disclosure since any blockchain ledger is publicly accessible. As a result, Digital Asset transactions, whether executed on the Platform or otherwise, are not truly anonymous. Similarly, the balance and transaction history of any public Digital Asset address can also be viewed by the public at large. Further, the information relating to a public Digital Asset address can also be correlated / matched with technical information automatically collected over the internet, in order to ascertain your identity. Also, data- analysis techniques can be used on a blockchain to identify information about you. You understand and acknowledge that we cannot be held liable for any loss of your information sustained due to the inherent lacunas of blockchain technology.